Spyware Security » Exploit

Malware Leveraging MIDI Remote Code Execution Vulnerability Found

admin — Thu, 26 Jan 2012 17:01:43 +0000

Earlier today, we encountered a malware that exploits a recently (and publicly) disclosed vulnerability, the MIDI Remote Code Execution Vulnerability (CVE-2012-0003). The said vulnerability is triggered when Windows Multimedia Library in Windows Media Player (WMP) fails to handle a specially crafted MIDI file, consequently allowing remote attackers to execute arbitrary code. In the attack that we [...]

‘Remove Facebook Timeline’ themed scam circulating on Facebook

admin — Mon, 09 Jan 2012 14:01:33 +0000

According to InsideFacebook, scammers are exploiting the negative sentiments surrounding Facebook’s Timeline, and are currently spamvertising bogus pages attempting to trick end users into removing their Timeline profile.More from InsideFaacebook.comWe have found 16 Timeline-related scam pages, which have collectively gained more than 71,000 likes. The largest, with nearly 19,000 likes, has been around [...]

2011 in Review: Exploits and Vulnerabilities

admin — Tue, 03 Jan 2012 15:01:33 +0000

In recent years, we have seen client-side software heavily targeted by hackers in search of vulnerabilities. 2011 saw these threats become more complex and sophisticated. We saw attackers increasingly use zero-day vulnerabilities, some of which have been particularly critical. Examples of these include the vulnerability Duqu exploited (CVE-2011-3402); a Java vulnerability (CVE-2011-3544); or Adobe zero-day [...]

The Sykipot Campaign

admin — Sat, 17 Dec 2011 20:12:21 +0000

Last week reports surfaced about a “zero-day” exploit for Adobe Reader (CVE-2011-2462) that had been actively used in targeted attacks beginning in November. The malicious PDFs were emailed to targets along with text encouraging the target to open the malicious attachment. If opened, the malware known as BKDR_SYKIPOT.B installs onto the target system. The reported [...]

Attacks Target TimThumb Vulnerability

admin — Tue, 08 Nov 2011 11:11:32 +0000

We were recently alerted to the reports of an attack leveraging a vulnerability in TimThumb — a PHP script for cropping, zooming, and resizing Web images (.JPG,.PNG, .GIF) and used as an add-on script on WordPress. The said vulnerability enables cybercriminals to perform local file insertion. When successfully exploited, it inserts a PHP script, which [...]

Zero-Day Exploit Used for DUQU

admin — Thu, 03 Nov 2011 04:11:11 +0000

We have been closely monitoring developments on the DUQU malware since our initial blog post when the threat broke the news. And just recently, the Hungary-based security laboratory that initially reported about DUQU released more information that sheds more light into the nature of the said threat. Their report indicates that a Microsoft Word document [...]

Technical Analysis for Mozilla Firefox Array.reduceRight() Vulnerability

admin — Fri, 28 Oct 2011 07:10:15 +0000

The usage of exploits in current threats underlines the critical need for users to keep programs updated at all times. Considering the great amount of time people spend on their computers connected to the Internet, web browsers are prime targets for cybercriminals. This is a technical analysis of a recently discovered vulnerability in one of [...]

A Refresher on Spam and Exploits

admin — Thu, 13 Oct 2011 04:10:32 +0000

Lately, we have been seeing a renewed increase in volume of spam attacks that utilizes an exploit kit – specifically, the BlackHole exploit kit – to trigger a malicious payload. Specifically, we have seen this in the latest slew of Automated Clearing House (ACH) spam, and the more recent spam run related to Steve Jobs’ [...]

‘Steve Jobs Alive!’ emails lead to exploits and malware

admin — Tue, 11 Oct 2011 22:10:06 +0000

Security researchers from M86 Labs have intercepted a currently spreading malware campaign using Steve Jobs as a social engineering theme.

A Special Offer From Our Sponsor Cisco and the Future of the Workplace Mobility Mobile workers will make up 35% of the global workforce in 2013, creating an “anywhere office”. Will your [...]

Facebook Malvertisement Leads to Exploits

admin — Wed, 05 Oct 2011 01:10:04 +0000

There are already many known ways that cybercriminals use in targeting Facebook users. In the infographic that we recently released, The Geography of Social Media Threats, we illustrated the different social networking features abused by cybercriminals, and the threats that they usually lead to. In the course of our research, we found one specific attack [...]